mirror of
https://github.com/drakkan/sftpgo.git
synced 2024-11-25 00:50:31 +00:00
WebUI: skip checks for static resource
Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
This commit is contained in:
parent
be2ed1089c
commit
12f599fd65
2 changed files with 24 additions and 1 deletions
|
@ -12903,6 +12903,18 @@ func TestDefender(t *testing.T) {
|
|||
rr = executeRequest(req)
|
||||
checkResponseCode(t, http.StatusForbidden, rr)
|
||||
assert.Contains(t, rr.Body.String(), "your IP address is blocked")
|
||||
// requests for static files should be always allowed
|
||||
req, err = http.NewRequest(http.MethodGet, "/static/favicon.ico", nil)
|
||||
assert.NoError(t, err)
|
||||
req.RemoteAddr = remoteAddr
|
||||
rr = executeRequest(req)
|
||||
checkResponseCode(t, http.StatusOK, rr)
|
||||
|
||||
req, err = http.NewRequest(http.MethodGet, "/.well-known/acme-challenge/foo", nil)
|
||||
assert.NoError(t, err)
|
||||
req.RemoteAddr = remoteAddr
|
||||
rr = executeRequest(req)
|
||||
checkResponseCode(t, http.StatusNotFound, rr)
|
||||
|
||||
_, err = httpdtest.RemoveUser(user, http.StatusOK)
|
||||
assert.NoError(t, err)
|
||||
|
|
|
@ -1231,6 +1231,17 @@ func (s *httpdServer) mustStripSlash(r *http.Request) bool {
|
|||
!strings.HasPrefix(urlPath, webStaticFilesPath) && !strings.HasPrefix(urlPath, acmeChallengeURI)
|
||||
}
|
||||
|
||||
func (s *httpdServer) mustCheckPath(r *http.Request) bool {
|
||||
var urlPath string
|
||||
rctx := chi.RouteContext(r.Context())
|
||||
if rctx != nil && rctx.RoutePath != "" {
|
||||
urlPath = rctx.RoutePath
|
||||
} else {
|
||||
urlPath = r.URL.Path
|
||||
}
|
||||
return !strings.HasPrefix(urlPath, webStaticFilesPath) && !strings.HasPrefix(urlPath, acmeChallengeURI)
|
||||
}
|
||||
|
||||
func (s *httpdServer) initializeRouter() {
|
||||
var hasHTTPSRedirect bool
|
||||
s.tokenAuth = jwtauth.New(jwa.HS256.String(), getSigningKey(s.signingPassphrase), nil)
|
||||
|
@ -1240,7 +1251,7 @@ func (s *httpdServer) initializeRouter() {
|
|||
s.router.Use(s.parseHeaders)
|
||||
s.router.Use(logger.NewStructuredLogger(logger.GetLogger()))
|
||||
s.router.Use(middleware.Recoverer)
|
||||
s.router.Use(s.checkConnection)
|
||||
s.router.Use(middleware.Maybe(s.checkConnection, s.mustCheckPath))
|
||||
if s.binding.Security.Enabled {
|
||||
secureMiddleware := secure.New(secure.Options{
|
||||
AllowedHosts: s.binding.Security.AllowedHosts,
|
||||
|
|
Loading…
Reference in a new issue